<?php
		
	/* SVN FILE: $Id: download.php 8 2011-03-13 08:32:38Z michele.andreoletti@gmail.com $ */
	
	/**
	* Project Name : arcadia
	*
	* @author $Author: michele.andreoletti@gmail.com $
	* @version $Revision: 8 $
	* @lastrevision $Date: 2011-03-13 08:32:38 +0000 (Sun, 13 Mar 2011) $
	* @filesource $URL: http://arcadia.googlecode.com/svn/trunk/include/download.php $
	*/
			
	date_default_timezone_set('Europe/Rome');

	if(isset($_GET['sAPP']) && !empty($_GET['sAPP'])) {
		$sAPP = $_GET['sAPP'];	
	
	} else {
		require_once "./const.inc.php";
		require_once "./functions.php";
		// require_once "./auth.inc.php";
		require_once "./conn.inc.php";
		
		fnUpdateLog('APP NOT DEFINED', 0, '', 'E');
		echo fnJsonOutput(fnCurrentScript(), '', '', 888);
		die();
	
	}

	require_once "../$sAPP/include/const.inc.php";
	require_once "../$sAPP/include/functions.php";
	require_once "./auth.inc.php";
	require_once "./conn.inc.php";
	
	fnGetValueFromGET(array('iUpload','iView','sViewItemLink','sAPP'));
		
	fnViewConst($sViewItemLink);
	
	$aData = fnCheckView($iView, $sViewSelectFrom, $sViewSelectGroupBy, 'aData');
	
	if (!empty($aData)) {
	
		$iAccessLvl = fnViewAccessLvl($iView, $aTABLE, $aTABLE_SECURITY_CHECK);
		$iFieldAccessLvl = fnFieldAccessLvl($iAccessLvl, $iTabUploads,'uploads');
		
		if(isset($iUpload) && !empty($iUpload)) {
			if (is_allowed('view', $iFieldAccessLvl)) {
				$sQuery   = "SELECT `sName`, `sType`, `iSize`, `binData` FROM `uploads_bin`
					LEFT OUTER JOIN `uploads` ON `uploads_bin`.`iUpload` = `uploads`.`id`
					WHERE `iUpload` = '$iUpload'";
				$rResult  = custom_mysql_query($sQuery);
				if (mysql_num_rows($rResult) >= 1) {
					list($sName, $sType, $iLength, $binContent) = mysql_fetch_array($rResult);
					header("Content-Disposition: attachment; filename=$sName");
					header("Content-length: $iLength");
					header("Content-type: $sType");
					echo $binContent;
					die();
				} else {
					fnUpdateLog('FILE NOT FOUND', $iView, $sViewSelectFrom, 'E');
				}
			} else {
				fnUpdateLog('LOW RIGHTS', $iView, $sViewSelectFrom, 'S');
			}
		} else {
			fnUpdateLog('FILE ID EMPTY', $iView, $sViewSelectFrom, 'E');
		}
	} else {
		fnUpdateLog('RECORD NOT FOUND', $iView, $sViewSelectFrom, 'E');
	}
?>
